
ACM – Requesting Public Certificates

Steps

  1. Specify Domain Names
      • FQDN (e.g., app.example.com)
      • Wildcard (e.g., *.example.com) to cover all subdomains.
  2. Choose Validation Method
      • DNS Validation (recommended for automation): Add a provided CNAME record to your DNS (Route 53 or other).
      • Email Validation: Confirm via an email sent to WHOIS or common admin addresses.
  3. Complete Verification
      • DNS or email validation may take minutes to hours.
      • Certificate is issued after successful validation.
  4. Automatic Renewal
      • Renewals start 60 days before expiration.
      • ACM handles renewals for certificates it issued.
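
The DNS validation and renewal steps above, as an added example (not AWS or page-provided code): it turns a constructed DescribeCertificate-shaped object into a Route 53 change batch for the validation CNAMEs still pending, and places an issued certificate relative to the 60-day renewal window. The function names, the sample tokens and the 300-second TTL are assumptions; it also covers the case where a domain and its wildcard share one validation record.

```python
from datetime import timedelta

RENEWAL_WINDOW = timedelta(days=60)  # step 4: renewals start 60 days before expiration


def validation_change_batch(cert, ttl=300):
    """Build a Route 53 change batch for CNAMEs ACM is still waiting on."""
    seen, changes = set(), []
    for opt in cert.get("DomainValidationOptions", []):
        if opt.get("ValidationMethod") != "DNS" or opt.get("ValidationStatus") == "SUCCESS":
            continue  # email-validated or already validated: nothing to publish
        rr = opt.get("ResourceRecord")
        if rr is None:
            continue  # ACM has not generated the record yet; poll again later
        key = (rr["Name"].lower(), rr["Value"].lower())
        if key in seen:
            continue  # apex and wildcard share one CNAME; emit it once
        seen.add(key)
        changes.append({"Action": "UPSERT", "ResourceRecordSet": {
            "Name": rr["Name"], "Type": rr["Type"], "TTL": ttl,
            "ResourceRecords": [{"Value": rr["Value"]}]}})
    return {"Comment": "ACM DNS validation", "Changes": changes}


def renewal_state(cert, now):
    """Place an issued certificate relative to the 60-day renewal window."""
    if cert.get("Status") != "ISSUED":
        return "not-issued"
    remaining = cert["NotAfter"] - now
    if remaining <= timedelta(0):
        return "expired"
    return "in-renewal-window" if remaining <= RENEWAL_WINDOW else "ok"


def _opt(domain, status, rr=None):
    # Helper for the constructed sample below (placeholder values, not real ACM tokens).
    opt = {"DomainName": domain, "ValidationMethod": "DNS", "ValidationStatus": status}
    if rr:
        opt["ResourceRecord"] = {"Name": rr[0], "Type": "CNAME", "Value": rr[1]}
    return opt


SHARED = ("_token1.example.com.", "_valueA.acm-validations.aws.")
SAMPLE_PENDING = {"Status": "PENDING_VALIDATION", "DomainValidationOptions": [
    _opt("example.com", "PENDING_VALIDATION", SHARED),
    _opt("*.example.com", "PENDING_VALIDATION", SHARED),
    _opt("app.example.com", "SUCCESS", ("_token2.app.example.com.", "_valueB.acm-validations.aws.")),
    _opt("api.example.com", "PENDING_VALIDATION"),
]}
```

The returned dictionary has the shape Route 53 expects as a change batch; leave the CNAMEs in place after issuance so later renewals can revalidate against them.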

Best Practices

  • Prefer DNS validation for easier automation and scalability.
  • Keep DNS management access ready, especially for external DNS providers.
  • Use CloudWatch metrics or the ACM console to track certificate status.